SECURITY BLOGS
SecurityFocus has selected a few syndicated sources that stand out as conveying topics of interest for our community. We are proud to offer content from Matasano at this time and will be adding more in the coming weeks.
http://www.securityfocus.com/blogs

I. FRONT AND CENTER
---------------------
1.Get Off My Cloud
By Mark Rasch
One of the features of Apple's device that appeals to me is the new MobileMe service, where you can "access and manage your email, contacts, calendar, photos, and files at me.com," according to Apple.
More companies, among them Microsoft and Google, already allow people to store information and use common services online -- or "in the cloud" -- leading analysts to refer to the entire trend as "cloud computing."
http://www.securityfocus.com/columnists/478

Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context of the application using the ActiveX control (typically Internet Explorer). Failed exploit attempts likely result in denial-of-service conditions.

This control is included with Microsoft SQL Server 2000; other versions may also be affected.

Remote attackers may leverage this issue to execute arbitrary code with SYSTEM-level privileges and allow the attacker to gain complete access to the vulnerable computer. Failed attacks will cause denial-of-service conditions.

This issue affects ZoneAlarm Security Suite 7.0.483.000; other versions may also be affected.

This issue may lead to a false sense of security, potentially aiding in network-based attacks.

Versions prior to Apple iTunes 8.0 are vulnerable to this issue.

5. Apple iTunes Third Party Driver Local Privilege Escalation Vulnerability
BugTraq ID: 31089
Remote: No
Date Published: 2008-09-09
Relevant URL: http://www.securityfocus.com/bid/31089
Summary:
Apple iTunes is prone to a local privilege-escalation vulnerability due to an integer-overflow issue.

Local attackers can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Failed exploit attempts will cause a denial-of-service condition.

These issues arise when the application handles specially crafted PICT image files, movies, and QTVR movies. Successful exploits may allow attackers to gain remote unauthorized access in the context of a vulnerable user and to trigger a denial-of-service condition.

An attacker can exploit this issue to execute arbitrary code in the context of an application using the affected ActiveX control (typically Internet Explorer). Failed attacks will likely cause denial-of-service conditions.

An attacker can exploit this issue by enticing unsuspecting users to view a malicious BMP file.

Successfully exploiting this issue allows remote attackers to corrupt memory and execute arbitrary code in the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.

Exploiting these issues may allow attackers to crash the application and deny service to legitimate users. Attackers may be able to leverage some of these vulnerabilities to execute arbitrary code, but this has not been confirmed.

Attackers can exploit these issues to crash the affected application, denying service to legitimate users. Given the nature of these issues, attackers may also be able to run arbitrary code, but this has not been confirmed.

An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.

Attackers can exploit this issue to crash the affected application, denying service to legitimate users.
Given the nature of this issue, attackers may also be able to run arbitrary code, but this has not been confirmed.

Softalk Mail Server 8.5.1 is vulnerable; other versions may also be affected.

An attacker can exploit this issue to execute arbitrary code with the privileges of the user running the affected application. Failed exploit attempts will result in a denial-of-service condition.

NOTE: Supported editions of Windows Server 2008 are not affected if installed using the Server Core installation option.

III. MICROSOFT FOCUS LIST SUMMARY
---------------------------------
IV. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to ms-secnews-unsubscribe (at) securityfocus (dot) com [email concealed] from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.